Security issue with WebRTC

[swapna iyer]

I am new to WebRTC, but understand that the protocol does not define the signaling. From this document, there are a few bugs in popular implementations of WebRTC based applications.

What I understood is that WebRTC protocol only defines the reliable media transmission mechanism, but expects application developers to implement the control logic (with many, out of band choices) correctly.

I think this is a security bug with the WebRTC protocol itself. Since the use case is for peer to peer data transmission, I think WebRTC should include signaling protocol along with it to protect both parties/ data. Is there any reason this cannot be done?

Best,

Swapna